CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-0537

The Product Slider For WooCommerce Lite WordPress plugin through 1.1.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.3%

CVSS Severity

CVSS v3 Score 5.4

References

https://wpscan.com/vulnerability/d7369f1d-d1a0-4576-a676-c70525a6c743
https://wpscan.com/vulnerability/d7369f1d-d1a0-4576-a676-c70525a6c743

Products affected by CVE-2023-0537

Shapedplugin » Product Slider For Woocommerce » Version: N/A

cpe:2.3:a:shapedplugin:product_slider_for_woocommerce:-
Shapedplugin » Product Slider For Woocommerce » Version: 1.0

cpe:2.3:a:shapedplugin:product_slider_for_woocommerce:1.0
Shapedplugin » Product Slider For Woocommerce » Version: 1.1

cpe:2.3:a:shapedplugin:product_slider_for_woocommerce:1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0537

Products

Pricing

Contact Us